Scammers Masquerading as Online Payment Facilities Still a Top Phishing Threat

According to the recent E-Threats Landscape Report from BitDefender, scammers pretending to be payment services on the Internet are still considered the top spoofed identities focusing on phishing and spam.

BitDefender security researchers found that the most recent phishing scam focusing on customers of online banking and payment features a number of malicious constituents. First, an unsolicited e-mail is dispatched to spread malware by pretending as Open Source antivirus software.

But on clicking the web link, the user gets a phony executable, setup.exe, instead of getting the security software. This software rewrites everything in C:WINDOWSSystem32driversetc as well as changes the activities of the Web browser by uploading phishing pages purporting in the name of Abbey, Halifax and PayPal.

BitDefender also elucidates that whenever the user enters any of the above financial institution's address into his browser, he is diverted to the fraudulent web pages. Here, with PHP scripts, the phishers pilfer the user's log-in credentials (security code, username and password) and other confidential information (full name, e-mail and home addresses, credit card details including number, Card Verification code, expiry data, and also PIN).

The remaining menu options clicked by the user on the pages would lead him to the relevant sections of the actual site, the report notes.

Moreover, BitDefender discovered that the fraudulent, phishing pages have their domains hosted in Korea and China.

Commenting on the point, Vlad Vâlceanu, Head of anti-spam Research at BitDefender, stated that the prevailing economic crisis was responsible for the propagation of e-crime, as reported by EarthTimes on June 8, 2009.

Vâlceanu further said that BitDefender's latest observations indicated certain alarming aspects. These include the ascendancy of phishing and other online scams since the starting of 2009, the dramatic increase in the aggressiveness and complexity of attacks, and the growth in the aggregate number of actual and potential victims in the same style. Thus, Vâlceanu added that in addition to carefully scan the e-mails coming in, computer users should use dependable security software to remain protected from future attacks.

Related article: Scammers Exploit Tax System Resulting in ID Theft

» SPAMfighter News - 6/13/2009